Skip to main content
CVE-2016-5060 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) description, (2) email, or (3) username parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Ngrinder
NVD GitHub
CVSS 3.0
6.1
EPSS
0.5%
CVE-2016-6313 MEDIUM This Month

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libgcrypt Debian Linux Ubuntu Linux Gnupg
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2016-6711 MEDIUM PATCH This Month

A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2016-6712 MEDIUM PATCH This Month

A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-7439 MEDIUM This Month

The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Wolfssl
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-7438 MEDIUM This Month

The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Wolfssl
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-6720 MEDIUM PATCH This Month

An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-6722 MEDIUM PATCH This Month

An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-7440 MEDIUM PATCH This Month

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure MariaDB MySQL Wolfssl Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy